last executing test programs: 2m32.48592622s ago: executing program 2 (id=2802): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/memory.pressure\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)='8', 0x1) 2m32.340622497s ago: executing program 2 (id=2803): mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) 2m32.228502246s ago: executing program 2 (id=2806): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x10, 0x0, [{0x48d, 0x400, 0x9}]}) 2m32.038492887s ago: executing program 2 (id=2810): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/fs/xfs/irix_symlink_mode\x00', 0xa0202, 0x0) sendfile$auto(r0, r0, 0x0, 0x2) 2m31.878138968s ago: executing program 2 (id=2813): tkill$auto(0x1, 0x7) keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x48eafc79) 2m31.62678944s ago: executing program 2 (id=2820): r0 = socket(0x15, 0x5, 0x0) syz_genetlink_get_family_id$auto_wireguard(&(0x7f00000013c0), r0) 2m31.319384276s ago: executing program 32 (id=2820): r0 = socket(0x15, 0x5, 0x0) syz_genetlink_get_family_id$auto_wireguard(&(0x7f00000013c0), r0) 1.96295845s ago: executing program 3 (id=5703): openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x82042, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) 1.133807431s ago: executing program 1 (id=5719): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper\x00', 0x80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/17, 0x11) 1.036119475s ago: executing program 4 (id=5720): ioperm$auto(0x7, 0x6, 0x2) io_uring_enter$auto(0xffffffffffffffff, 0x1, 0x82400004, 0x4b, 0x0, 0xd) 1.017441117s ago: executing program 3 (id=5721): set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) 955.263771ms ago: executing program 1 (id=5722): r0 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r0, 0x1, 0x3e, &(0x7f0000000040)='\t\x00T\xce\xb3O1\xa8\x98HgGKt\xc1\x91Cy\n\x106\xe3\xd8\x96\xe9\xf9\x7f`\x10\xbd\x06P\xec\xab\xd8\xb7\xb5\x9eW\x10w\xf0\xbf\x86\xca\x8bii', &(0x7f0000000080)=0x3) 925.386859ms ago: executing program 0 (id=5723): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0) pread64$auto(r0, 0x0, 0x8, 0x8000) 900.655812ms ago: executing program 4 (id=5724): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r0, &(0x7f0000000180)="0a1b9a5c7b00006e163bb154d7886d8edeea371cadb848770dc8f745d1c76eedba12b9f694dabdbcf3401910000000000060000023b5d40a", 0x38) 803.660326ms ago: executing program 1 (id=5725): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) move_pages$auto(0x0, 0x5, 0x0, &(0x7f00000003c0)=0x1, 0x0, 0x2) 773.711457ms ago: executing program 4 (id=5726): r0 = openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000200), 0x40002, 0x0) write$auto(r0, &(0x7f0000000240)='\'\b\x00\x00\x00\x00\x00\x00\x00\x00', 0x3) 766.62839ms ago: executing program 0 (id=5727): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r0, 0x5459, 0xffffffffffffffff) 705.430684ms ago: executing program 3 (id=5728): open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mount$auto(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='ufs\x00', 0x9, 0x0) 614.296451ms ago: executing program 0 (id=5729): socket(0x22, 0x3, 0x0) ioctl$auto(0x3, 0x80044944, 0x10000000000402) 595.047198ms ago: executing program 4 (id=5730): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) ioctl$auto(0x3, 0x80045438, 0x10000000000402) 577.666416ms ago: executing program 3 (id=5731): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto_IOC_PR_CLEAR(r0, 0x401070cd, &(0x7f0000000000)={0x4, 0xeffffffd}) 459.776615ms ago: executing program 1 (id=5732): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/vlan/config\x00', 0x400, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000100)=""/140, 0x8c) 410.386976ms ago: executing program 0 (id=5733): r0 = openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000006640), 0x2, 0x0) readv$auto(r0, &(0x7f0000000040)={0x0, 0x36a}, 0x6) 370.990555ms ago: executing program 3 (id=5741): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001080)='/proc/thread-self/net/rxrpc/locals\x00', 0x40080, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=""/4096, 0x1000) 370.216779ms ago: executing program 4 (id=5734): r0 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r0, 0x0, 0x20000000001, 0x7fff) 295.834069ms ago: executing program 1 (id=5735): socket(0x2, 0x801, 0x100) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) 224.050086ms ago: executing program 3 (id=5736): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd6/queue/scheduler\x00', 0x189002, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 220.849407ms ago: executing program 0 (id=5737): socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xd0, 0xfffffffffffffffc, 0x4) 94.823463ms ago: executing program 1 (id=5738): r0 = openat$auto_bridges_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/encoder-0/bridges\x00', 0x8200, 0x0) read$auto_bridges_fops_(r0, &(0x7f0000000040)=""/5, 0x5) 50.088155ms ago: executing program 4 (id=5739): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$auto(r0, 0x400454ca, 0x38) 0s ago: executing program 0 (id=5740): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x2, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.184' (ED25519) to the list of known hosts. [ 97.160114][ T5818] cgroup: Unknown subsys name 'net' [ 97.321175][ T5818] cgroup: Unknown subsys name 'cpuset' [ 97.331314][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 99.209186][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.238229][ T1206] cfg80211: failed to load regulatory.db [ 104.083109][ T5835] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.106361][ T5835] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 104.114401][ T5835] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 104.127129][ T5835] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 104.143969][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.171007][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 104.192838][ T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 104.201520][ T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.211166][ T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 104.218954][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 104.227593][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 104.236974][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 104.244956][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 104.252895][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.261470][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.271069][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.271246][ T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 104.286230][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.298180][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 104.313011][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 104.968142][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 104.982951][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 105.103305][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 105.142457][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 105.279749][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.288581][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.296505][ T5837] bridge_slave_0: entered allmulticast mode [ 105.304034][ T5837] bridge_slave_0: entered promiscuous mode [ 105.329774][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.337141][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.344951][ T5834] bridge_slave_0: entered allmulticast mode [ 105.353585][ T5834] bridge_slave_0: entered promiscuous mode [ 105.386770][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.394122][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.401683][ T5837] bridge_slave_1: entered allmulticast mode [ 105.409355][ T5837] bridge_slave_1: entered promiscuous mode [ 105.440140][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.447475][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.454670][ T5834] bridge_slave_1: entered allmulticast mode [ 105.462930][ T5834] bridge_slave_1: entered promiscuous mode [ 105.561137][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.582785][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.594094][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.602194][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.609723][ T5839] bridge_slave_0: entered allmulticast mode [ 105.617917][ T5839] bridge_slave_0: entered promiscuous mode [ 105.627477][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.634720][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.642210][ T5839] bridge_slave_1: entered allmulticast mode [ 105.650506][ T5839] bridge_slave_1: entered promiscuous mode [ 105.660222][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.701992][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.809079][ T5837] team0: Port device team_slave_0 added [ 105.818898][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.829250][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.837263][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.844548][ T5838] bridge_slave_0: entered allmulticast mode [ 105.853007][ T5838] bridge_slave_0: entered promiscuous mode [ 105.864501][ T5834] team0: Port device team_slave_0 added [ 105.872645][ T5837] team0: Port device team_slave_1 added [ 105.897654][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.921527][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.931316][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.938891][ T5838] bridge_slave_1: entered allmulticast mode [ 105.946725][ T5838] bridge_slave_1: entered promiscuous mode [ 105.955133][ T5834] team0: Port device team_slave_1 added [ 106.023790][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.033809][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.060808][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.077354][ T5839] team0: Port device team_slave_0 added [ 106.113503][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.121014][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.147494][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.171149][ T5839] team0: Port device team_slave_1 added [ 106.197475][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.207518][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.214524][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.237345][ T5835] Bluetooth: hci0: command tx timeout [ 106.241259][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.260036][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.267100][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.293089][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.316384][ T5840] Bluetooth: hci1: command tx timeout [ 106.319442][ T5835] Bluetooth: hci3: command tx timeout [ 106.332919][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.351798][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.359006][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.385474][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.396276][ T5835] Bluetooth: hci2: command tx timeout [ 106.436975][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.443954][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.470250][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.519593][ T5837] hsr_slave_0: entered promiscuous mode [ 106.526745][ T5837] hsr_slave_1: entered promiscuous mode [ 106.544123][ T5838] team0: Port device team_slave_0 added [ 106.554496][ T5838] team0: Port device team_slave_1 added [ 106.599131][ T5834] hsr_slave_0: entered promiscuous mode [ 106.606764][ T5834] hsr_slave_1: entered promiscuous mode [ 106.613107][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.621256][ T5834] Cannot create hsr debugfs directory [ 106.706041][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.713046][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.739924][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.752940][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.760234][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.786888][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.804531][ T5839] hsr_slave_0: entered promiscuous mode [ 106.811155][ T5839] hsr_slave_1: entered promiscuous mode [ 106.817637][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.825280][ T5839] Cannot create hsr debugfs directory [ 107.083183][ T5838] hsr_slave_0: entered promiscuous mode [ 107.091470][ T5838] hsr_slave_1: entered promiscuous mode [ 107.098246][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 107.106077][ T5838] Cannot create hsr debugfs directory [ 107.410324][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.448579][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.461146][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.493546][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.580094][ T5834] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 107.598502][ T5834] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 107.611878][ T5834] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 107.633060][ T5834] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 107.772692][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 107.798154][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 107.824882][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.853187][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.863845][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.958430][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.965391][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.980476][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.993182][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 108.022309][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 108.047835][ T4217] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.055172][ T4217] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.090483][ T4217] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.097803][ T4217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.157534][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.264246][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.319384][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.326608][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.334419][ T5835] Bluetooth: hci0: command tx timeout [ 108.374586][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.381870][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.396420][ T5835] Bluetooth: hci1: command tx timeout [ 108.401911][ T5835] Bluetooth: hci3: command tx timeout [ 108.461783][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.476824][ T5840] Bluetooth: hci2: command tx timeout [ 108.574627][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.624201][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.666696][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.673882][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.704081][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.733553][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.740825][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.755247][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.762645][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.802592][ T195] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.809886][ T195] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.858796][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.138403][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.177313][ T5837] veth0_vlan: entered promiscuous mode [ 109.231573][ T5837] veth1_vlan: entered promiscuous mode [ 109.333567][ T5834] veth0_vlan: entered promiscuous mode [ 109.389552][ T5834] veth1_vlan: entered promiscuous mode [ 109.471266][ T5837] veth0_macvtap: entered promiscuous mode [ 109.511782][ T5837] veth1_macvtap: entered promiscuous mode [ 109.551965][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.568843][ T5834] veth0_macvtap: entered promiscuous mode [ 109.580599][ T5834] veth1_macvtap: entered promiscuous mode [ 109.627350][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.650934][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.668464][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.695013][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.705346][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.731479][ T5837] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.740762][ T5837] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.750233][ T5837] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.759979][ T5837] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.775315][ T5834] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.788178][ T5834] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.797072][ T5834] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.806386][ T5834] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.871726][ T5839] veth0_vlan: entered promiscuous mode [ 109.909687][ T5839] veth1_vlan: entered promiscuous mode [ 109.988798][ T5838] veth0_vlan: entered promiscuous mode [ 110.064247][ T5838] veth1_vlan: entered promiscuous mode [ 110.088175][ T5839] veth0_macvtap: entered promiscuous mode [ 110.122583][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.143549][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.160876][ T5839] veth1_macvtap: entered promiscuous mode [ 110.173062][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.182947][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.224668][ T4217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.233792][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.243456][ T4217] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.264724][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.313127][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.326924][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.337724][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.347336][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.374094][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 110.389388][ T5838] veth0_macvtap: entered promiscuous mode [ 110.396421][ T5840] Bluetooth: hci0: command tx timeout [ 110.451926][ T5838] veth1_macvtap: entered promiscuous mode [ 110.476897][ T5840] Bluetooth: hci3: command tx timeout [ 110.482397][ T5840] Bluetooth: hci1: command tx timeout [ 110.490231][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.501810][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.555887][ T5840] Bluetooth: hci2: command tx timeout [ 110.597628][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.689013][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.752199][ T5838] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.768110][ T5838] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.780502][ T5838] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.791172][ T5838] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.839116][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.861778][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.003056][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.029003][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.113679][ T3548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.155460][ T3548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.230529][ T4217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.243611][ T4217] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.485412][ T5840] Bluetooth: hci0: command tx timeout [ 112.556457][ T5840] Bluetooth: hci1: command tx timeout [ 112.561972][ T5840] Bluetooth: hci3: command tx timeout [ 112.636519][ T5840] Bluetooth: hci2: command tx timeout [ 116.440900][ T5840] Bluetooth: hci0: unexpected event 0x20 length: 123 > 7 [ 126.048306][ T6395] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[6395] [ 127.231942][ T6429] can: request_module (can-proto-0) failed. [ 127.527917][ T30] audit: type=1800 audit(1748193688.753:2): pid=6443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.273" name="trace_pipe" dev="tracefs" ino=10 res=0 errno=0 [ 133.164633][ T30] audit: type=1800 audit(1748193694.393:3): pid=6634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.364" name="lu_gp_id" dev="configfs" ino=9047 res=0 errno=0 [ 138.111906][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.118615][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.883608][ T6751] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 138.925785][ T6751] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 139.102742][ T6751] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 139.316727][ T6751] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 139.360783][ T6751] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 139.490136][ T6751] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 139.616223][ T6751] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 139.624150][ T6751] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 139.790793][ T6751] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 139.867769][ T6751] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 139.875030][ T6751] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 139.987260][ T6751] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 140.641794][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 141.355782][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 141.675769][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 141.853471][ T30] audit: type=1326 audit(4294967303.290:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6830 comm="syz.0.461" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e37d8e969 code=0x0 [ 141.919500][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 142.207895][ T6841] __vm_enough_memory: pid: 6841, comm: syz.3.464, bytes: 4398046511104 not enough memory for the allocation [ 142.718500][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 142.887641][ T6857] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[6857] [ 143.115929][ T6866] syz.2.478 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 143.438897][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 143.755700][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 143.995699][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 144.802930][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 145.519856][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 145.841655][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 146.075839][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 150.731323][ T30] audit: type=1800 audit(4294967312.170:5): pid=7103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.595" name="discovery_nqn" dev="configfs" ino=10764 res=0 errno=0 [ 151.162374][ T7117] capability: warning: `syz.1.601' uses deprecated v2 capabilities in a way that may be insecure [ 158.864725][ T5840] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 159.045977][ T7398] mmap: syz.3.741 (7398) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 159.727206][ T7422] random: crng reseeded on system resumption [ 160.499454][ T7450] syz_tun: tun_chr_ioctl cmd 1074025680 [ 163.988941][ T7582] syz_tun: tun_chr_ioctl cmd 2147767520 [ 164.340302][ T7596] random: crng reseeded on system resumption [ 166.400701][ T5840] Bluetooth: hci2: unexpected event 0x31 length: 124 > 6 [ 167.036420][ T7688] random: crng reseeded on system resumption [ 168.079745][ T7712] random: crng reseeded on system resumption [ 170.269623][ T7781] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 170.727000][ T7796] random: crng reseeded on system resumption [ 176.048684][ T30] audit: type=1800 audit(4294969388.480:6): pid=8001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1042" name="dbroot" dev="configfs" ino=13080 res=0 errno=0 [ 176.924065][ T5840] Bluetooth: hci3: unexpected event 0x36 length: 123 > 7 [ 180.640722][ T30] audit: type=1800 audit(4294969397.082:7): pid=8176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1129" name="members" dev="configfs" ino=13689 res=0 errno=0 [ 181.957259][ T30] audit: type=1800 audit(4294969398.402:8): pid=8224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1153" name="trace_pipe" dev="tracefs" ino=52 res=0 errno=0 [ 186.729849][ T5840] Bluetooth: hci2: unexpected event 0x17 length: 123 > 6 [ 186.915263][ T8409] Unable to find swap-space signature [ 187.678990][ T8437] syz.1.1259(8437): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 188.600796][ T30] audit: type=1800 audit(4294969405.032:9): pid=8469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1276" name="version" dev="configfs" ino=14190 res=0 errno=0 [ 190.165928][ T5840] Bluetooth: hci1: unexpected event 0x23 length: 12 < 13 [ 191.171654][ T8566] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[8566] [ 193.893982][ T8667] ima: policy update failed [ 193.919466][ T30] audit: type=1802 audit(4294969410.362:10): pid=8667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1374" res=0 errno=0 [ 194.349448][ T8638] kexec: Could not allocate control_code_buffer [ 199.526185][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.532680][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.814320][ T8948] warning: `syz.3.1508' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 201.049305][ T8959] binder: 8957:8959 ioctl 40046205 38 returned -22 [ 205.008764][ T9133] kafs: addr_prefs: Invalid Command [ 205.455766][ T9152] block2mtd: parameter too long [ 205.679657][ T9160] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 209.413801][ T9310] delete_channel: no stack [ 209.745704][ T9323] binder: 9320:9323 ioctl c00c6211 38 returned -14 [ 209.822702][ T9327] zram: Added device: zram1 [ 213.426080][ T9466] zram: Added device: zram2 [ 214.451873][ T9513] sysfs_service_op_show: Client not running :-5: [ 214.532150][ T9515] block nbd14: the capability attribute has been deprecated. [ 215.040618][ T9533] Line length is too long: Should be less than 4094 [ 215.395795][ T9545] block2mtd: illegal erase size [ 216.099486][ T9572] zram: Added device: zram3 [ 219.349115][ T9706] cougar: G6 mapped to F18 [ 220.127157][ T9738] writes to the poll attribute are ignored. [ 220.139425][ T9738] please use driver specific parameters instead. [ 221.171842][ T9781] program syz.2.1916 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 221.186475][ T9781] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 222.049850][ T9825] ptp ptp0: only physical clock in use now [ 222.502316][ T9850] syz.2.1949 uses obsolete (PF_INET,SOCK_PACKET) [ 223.718777][ T9909] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 225.529043][ T9992] Setting dangerous option i915.mitigations - tainting kernel [ 225.544615][ T9992] Bad "i915.mitigations=!h@S", 'h@S' is unknown [ 225.816535][T10004] blkio.reset_stats is deprecated [ 229.887207][T10177] bond0: no command found in slaves file - use +ifname or -ifname [ 230.288388][T10198] Setting dangerous option i915.mitigations - tainting kernel [ 230.335076][T10198] Bad "i915.mitigations=!h@S", 'h@S' is unknown [ 230.762136][T10217] usbip-vudc usbip-vudc.0: gadget not bound [ 231.313775][T10241] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 234.580573][T10390] rtc_cmos 00:00: in use; can't configure [ 236.351497][ T30] audit: type=1400 audit(4294969452.792:11): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=10457 comm="syz.0.2248" [ 237.053005][T10491] process 'syz.2.2264' launched '/dev/fd/3' with NULL argv: empty string added [ 237.920629][T10532] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 238.504258][T10560] hub 8-0:1.0: USB hub found [ 238.512845][T10560] hub 8-0:1.0: 1 port detected [ 240.473599][T10658] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 240.507730][T10660] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 241.062174][T10677] Setting dangerous option i915.mitigations - tainting kernel [ 241.918974][T10713] vhci_hcd: invalid port number 16 [ 245.772273][T10876] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 246.864129][T10930] program syz.0.2480 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 246.880673][T10930] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 248.225891][T10989] ======================================================= [ 248.225891][T10989] WARNING: The mand mount option has been deprecated and [ 248.225891][T10989] and is ignored by this kernel. Remove the mand [ 248.225891][T10989] option from the mount to silence this warning. [ 248.225891][T10989] ======================================================= [ 248.261071][ C1] vkms_vblank_simulate: vblank timer overrun [ 248.890912][T11012] Process accounting resumed [ 248.979197][T11017] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 249.930759][T11063] queue_state_write: operation too long [ 249.945839][T11063] queue_state_write: use 'run', 'start' or 'kick' [ 250.169756][T11074] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.2548' sets config #5 [ 250.931587][T11107] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[11107] [ 252.773332][T11195] vivid-003: ================= START STATUS ================= [ 252.799991][T11195] vivid-003: Radio HW Seek Mode: Bounded [ 252.808663][T11195] vivid-003: Radio Programmable HW Seek: false [ 252.816241][T11195] vivid-003: RDS Rx I/O Mode: Block I/O [ 252.821971][T11195] vivid-003: Generate RBDS Instead of RDS: false [ 252.828988][T11195] vivid-003: RDS Reception: true [ 252.834110][T11195] vivid-003: RDS Program Type: 0 inactive [ 252.840501][T11195] vivid-003: RDS PS Name: inactive [ 252.849484][T11195] vivid-003: RDS Radio Text: inactive [ 252.865724][T11195] vivid-003: RDS Traffic Announcement: false inactive [ 252.876228][T11195] vivid-003: RDS Traffic Program: false inactive [ 252.893060][T11195] vivid-003: RDS Music: false inactive [ 252.903189][T11195] vivid-003: ================== END STATUS ================== [ 252.951059][ T30] audit: type=1806 audit(4294969469.392:12): xattr=2EC7871B res=-22 [ 253.062003][T11209] WARNING! power/level is deprecated; use power/control instead [ 253.144066][T11212] i2c i2c-0: delete_device: Can't parse I2C address [ 254.707726][T11286] zswap: compressor Ȯ9Qz%;0*lH`Bkjwjӳ<85'.Y[`2Y$`Yvgִq"b%zN[O EiFi(Sh3Kx>ԝRS=kHɟ{?Bbޝ4)> not available [ 256.591803][T11374] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 258.831830][T11476] block2mtd: illegal erase size [ 260.421280][ T30] audit: type=1800 audit(4294969476.862:13): pid=11554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2782" name="members" dev="configfs" ino=24608 res=0 errno=0 [ 260.961333][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.970066][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.212457][T11594] ubi0: attaching mtd0 [ 261.222144][T11594] ubi0: scanning is finished [ 261.227574][T11594] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 261.430913][T11594] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 261.652751][T11611] XFS: irix_symlink_mode sysctl option is deprecated. [ 262.219820][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.410512][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.625527][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.783210][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.072289][ T5835] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 263.087022][ T5835] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 263.095431][ T5835] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 263.104674][ T5835] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 263.112790][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 263.275424][ T12] bridge_slave_1: left allmulticast mode [ 263.281976][ T12] bridge_slave_1: left promiscuous mode [ 263.302843][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.354767][ T12] bridge_slave_0: left allmulticast mode [ 263.377118][ T12] bridge_slave_0: left promiscuous mode [ 263.382996][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.663888][T11677] QAT: failed to copy from user. [ 264.500607][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 264.597327][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 264.647690][ T12] bond0 (unregistering): Released all slaves [ 265.067210][T11712] ICMPv6: process `syz.3.2854' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 265.196756][ T5840] Bluetooth: hci0: command tx timeout [ 265.242565][T11718] ima: policy update failed [ 265.273014][ T30] audit: type=1802 audit(4294969481.702:14): pid=11718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2856" res=0 errno=0 [ 265.717359][T11654] chnl_net:caif_netlink_parms(): no params data found [ 266.045747][ T12] hsr_slave_0: left promiscuous mode [ 266.075972][ T12] hsr_slave_1: left promiscuous mode [ 266.082287][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 266.100014][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 266.113381][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 266.133124][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 266.237177][ T12] veth1_macvtap: left promiscuous mode [ 266.249492][ T12] veth0_macvtap: left promiscuous mode [ 266.255367][ T12] veth1_vlan: left promiscuous mode [ 266.285883][ T12] veth0_vlan: left promiscuous mode [ 267.018930][T11776] Debayer A: ================= START STATUS ================= [ 267.027285][T11776] Debayer A: Debayer Mean Window Size: 3 [ 267.034298][T11776] Debayer A: ================== END STATUS ================== [ 267.275842][ T5840] Bluetooth: hci0: command tx timeout [ 267.795264][ T12] team0 (unregistering): Port device team_slave_1 removed [ 267.925015][ T12] team0 (unregistering): Port device team_slave_0 removed [ 269.284234][T11858] ecryptfs_miscdev_write: Error while inspecting packet size [ 269.365026][ T5840] Bluetooth: hci0: command tx timeout [ 269.606299][T11654] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.613602][T11654] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.635886][T11654] bridge_slave_0: entered allmulticast mode [ 269.655654][T11654] bridge_slave_0: entered promiscuous mode [ 269.715905][T11654] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.745826][T11654] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.753141][T11654] bridge_slave_1: entered allmulticast mode [ 269.773878][T11654] bridge_slave_1: entered promiscuous mode [ 269.900771][T11654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 269.935285][T11654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 270.091546][T11654] team0: Port device team_slave_0 added [ 270.119810][T11654] team0: Port device team_slave_1 added [ 270.288235][T11654] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 270.295265][T11654] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 270.332373][T11654] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 270.350905][T11654] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 270.362729][T11654] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 270.408409][T11654] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 270.722501][T11654] hsr_slave_0: entered promiscuous mode [ 270.747390][T11654] hsr_slave_1: entered promiscuous mode [ 270.786208][T11654] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 270.793850][T11654] Cannot create hsr debugfs directory [ 271.435655][ T5840] Bluetooth: hci0: command tx timeout [ 271.658252][T11654] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 271.665046][T11923] cougar: G6 mapped to space [ 271.730737][T11654] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 271.810938][T11654] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 271.852294][T11654] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 272.290844][T11654] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.392477][T11654] 8021q: adding VLAN 0 to HW filter on device team0 [ 272.462971][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.471038][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.510138][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.517465][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 273.402225][T11654] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 274.260539][T11654] veth0_vlan: entered promiscuous mode [ 274.291383][T11654] veth1_vlan: entered promiscuous mode [ 274.447049][T11654] veth0_macvtap: entered promiscuous mode [ 274.472638][T11654] veth1_macvtap: entered promiscuous mode [ 274.530651][T11654] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 274.601372][T11654] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 274.629588][T11654] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.665617][T11654] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.674445][T11654] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.719215][T11654] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.969304][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.009001][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.114428][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.155860][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 277.338230][T12117] synth uevent: /bus/memstick: unknown uevent action string [ 278.547063][ T5840] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 278.547108][ T5840] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 278.561947][ T5840] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 282.853040][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 282.861029][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 284.580663][T12380] ICMPv6: process `syz.0.3114' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 285.611594][T12419] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 287.983847][T12510] usb usb36: usbfs: process 12510 (syz.0.3173) did not claim interface 0 before use [ 289.633352][T12584] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 293.404634][T12742] afs: Bad value for 'source' [ 296.059199][T12835] kAFS: Invalid Command on /proc/fs/afs/cells file [ 297.333178][T12875] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 304.490770][T13107] sysfs_service_op_store: Client not running :-5: [ 307.622622][T13236] [U]  [ 308.110440][T13258] binder: binder_mmap: 13256 0-1000 bad vm_flags failed -1 [ 308.282373][T13265] mmap: syz.0.3483 (13265): VmData 37601280 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 310.327655][ T30] audit: type=1807 audit(4294967314.450:15): UNKNOWN= res=0 [ 310.341428][ T30] audit: type=1802 audit(4294967314.460:16): pid=13348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.3521" res=0 errno=0 [ 310.341912][T13347] ima: policy update failed [ 310.416168][ T30] audit: type=1802 audit(4294967314.530:17): pid=13347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3521" res=0 errno=0 [ 314.579798][T13492] ima: policy update failed [ 314.601309][ T30] audit: type=1802 audit(4294967299.160:18): pid=13492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3592" res=0 errno=0 [ 318.970250][T13664] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2) [ 318.970892][T13663] ima: policy update failed [ 318.995105][ T30] audit: type=1802 audit(4294967303.580:19): pid=13663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.3675" res=0 errno=0 [ 320.119921][T13719] zram0: detected capacity change from 0 to 8 [ 321.386149][T13781] : Can't lookup blockdev [ 322.401824][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.409692][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.679354][T13840] aoe: copy from user failed [ 322.684036][T13840] aoe: could not set interface list: too many interfaces [ 322.706975][T13837] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.028740][T13900] tipc: Can't bind to reserved service type 1 [ 324.438604][T13920] : Can't lookup blockdev [ 324.680907][T13931] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 324.727841][ C1] vkms_vblank_simulate: vblank timer overrun [ 324.955337][T13946] ceph: Failed to parse sending metrics switch value 'P^' [ 325.142839][T13956] < [ 325.658099][T13978] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 325.693987][T13978] CIFS mount error: No usable UNC path provided in device string! [ 325.693987][T13978] [ 325.708903][T13978] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 327.043983][T14047] deleting an unspecified loop device is not supported. [ 327.082677][T14050] block2mtd: illegal erase size [ 328.582374][T14121] rnbd_client L213: map_device: Parameters missing [ 331.621315][T14267] usb usb2: usbfs: process 14267 (syz.1.3967) did not claim interface 1 before use [ 332.050556][T14288] synth uevent: /module/l2tp_ip6: unknown uevent action string [ 333.165786][T14342] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to -1. Contact your vendor for updates. [ 333.592096][T14362] Setting dangerous option i915.mitigations - tainting kernel [ 334.379659][T14399] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5) [ 334.505285][T14404] delete_channel: no stack [ 335.178693][T14431] syz.0.4048 (14431): attempted to duplicate a private mapping with mremap. This is not supported. [ 337.045656][T14527] ubi0: attaching mtd0 [ 337.074720][T14527] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 339.990737][T14657] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 340.647765][T14688] binder: 14686:14688 ioctl c0306201 2000000000c0 returned -14 [ 342.820981][T14795] overlayfs: "check_copy_up" module option is obsolete [ 342.844374][T14797] usb usb16: usbfs: process 14797 (syz.1.4227) did not claim interface 0 before use [ 343.443223][ T30] audit: type=1804 audit(4294967328.020:20): pid=14825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.4239" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 344.356726][T14871] dyndbg: bad flag-op , at start of [ 344.362434][T14871] dyndbg: flags parse failed [ 344.367650][T14871] dyndbg: bad flag-op , at start of [ 344.373299][T14871] dyndbg: flags parse failed [ 345.371704][T14921] queue_state_write: unsupported operation '' [ 345.378171][T14921] queue_state_write: use 'run', 'start' or 'kick' [ 345.385091][T14923] random: crng reseeded on system resumption [ 347.289136][T15002] delete_channel: no stack [ 347.799807][T15031] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 350.215169][T15145] random: crng reseeded on system resumption [ 350.742558][ T5840] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 351.066835][ T5840] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 351.090598][ T5840] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 351.090641][ T5840] Bluetooth: hci1: unexpected subevent 0x05 length: 725 > 12 [ 352.668605][T15255] random: crng reseeded on system resumption [ 353.120368][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 355.504385][T15385] bond0: option packets_per_slave: invalid value ( Xnp) [ 355.515208][T15385] bond0: option packets_per_slave: allowed values 0 - 65535 [ 356.760284][T15442] nvme_fcloop: unknown parameter or missing value '7' [ 361.609934][T15673] program syz.1.4654 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 362.771879][T15722] bcache: register_bcache() error : failed to open device [ 365.490605][T15859] Invalid input. Must be >= 4608 [ 365.813560][ T30] audit: type=1806 audit(4294967350.390:21): res=-14 [ 366.003202][T15879] aoe: invalid device specification [ 368.759498][T16009] misc userio: Invalid payload size [ 370.133562][T16075] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[16075] [ 372.090835][T16168] Ignoring unsupported numa_zonelist_order value: [ 372.090835][T16168] [ 372.827778][T16195] syz_tun: tun_chr_ioctl cmd 1074025698 [ 375.195888][T16309] CIFS mount error: No usable UNC path provided in device string! [ 375.195888][T16309] [ 375.216695][T16309] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 376.052464][T16354] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 376.427032][T16370] nfsd: Unknown parameter '^B-' [ 378.464808][T16473] sysfs_service_op_show: Client not running :-5: [ 379.776489][ T30] audit: type=1806 audit(4294967364.360:22): res=-14 [ 382.417432][T16629] zram: Can't change algorithm for initialized device [ 383.641535][T16682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 383.657131][T16682] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 383.686103][T16682] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 383.694909][T16682] page_type: f5(slab) [ 383.705560][T16682] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001 [ 383.725519][T16682] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 383.734246][T16682] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001 [ 383.785634][T16682] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 383.794472][T16682] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 383.819130][T16682] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 383.833955][T16682] page dumped because: unmovable page [ 383.854066][T16682] page_owner tracks the page as allocated [ 383.856006][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.862238][T16682] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 12, tgid 12 (kworker/u8:0), ts 242605818184, free_ts 242117392510 [ 383.875522][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.888059][T16682] post_alloc_hook+0x181/0x1b0 [ 383.898947][T16682] get_page_from_freelist+0x135c/0x3920 [ 383.904667][T16682] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 383.911094][T16682] alloc_pages_mpol+0x1fb/0x550 [ 383.918944][T16682] new_slab+0x244/0x340 [ 383.922495][T16693] cifs: Unknown parameter '#ʑC ˀH/R{<' [ 383.923338][T16682] ___slab_alloc+0xd9c/0x1940 [ 383.934821][T16682] __slab_alloc.constprop.0+0x56/0xb0 [ 383.940467][T16682] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 383.948678][T16682] kmalloc_reserve+0xef/0x2c0 [ 383.953576][T16682] __alloc_skb+0x166/0x380 [ 383.959283][T16682] nsim_dev_trap_report_work+0x2b1/0xcf0 [ 383.965107][T16682] process_one_work+0x9cf/0x1b70 [ 383.970770][T16682] worker_thread+0x6c8/0xf10 [ 383.978092][T16682] kthread+0x3c2/0x780 [ 383.982524][T16682] ret_from_fork+0x48/0x80 [ 383.987575][T16682] ret_from_fork_asm+0x1a/0x30 [ 383.992689][T16682] page last free pid 5837 tgid 5837 stack trace: [ 384.000147][T16682] __free_frozen_pages+0x69d/0xff0 [ 384.026276][T16682] __put_partials+0x16d/0x1c0 [ 384.031264][T16682] qlist_free_all+0x4e/0x120 [ 384.036682][T16682] kasan_quarantine_reduce+0x195/0x1e0 [ 384.048194][T16682] __kasan_slab_alloc+0x69/0x90 [ 384.065590][T16682] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 384.071173][T16682] vm_area_dup+0x23/0x700 [ 384.077545][T16682] copy_process+0x7f59/0x91b0 [ 384.077599][T16682] kernel_clone+0xfc/0x960 [ 384.077641][T16682] __do_sys_clone+0xce/0x120 [ 384.077684][T16682] do_syscall_64+0xcd/0x230 [ 384.077736][T16682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.310089][ T30] audit: type=1806 audit(4294967368.890:23): xattr="" res=-22 [ 385.305759][T16761] QAT: Invalid ioctl 21531 [ 385.915695][ T5835] Bluetooth: hci0: command 0x0406 tx timeout [ 386.014483][ T5840] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 386.014528][ T5840] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 386.030497][ T5840] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 387.485799][T16860] block nbd8: NBD_DISCONNECT [ 388.176376][T16900] Scaler: ================= START STATUS ================= [ 388.183879][T16900] Scaler: ================== END STATUS ================== [ 388.366688][T16909] : Can't lookup blockdev [ 393.413248][T17148] aoe: can't write to that file. [ 395.805768][ T30] audit: type=1800 audit(4294967388.381:24): pid=17266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5414" name="features" dev="configfs" ino=42377 res=0 errno=0 [ 397.440680][ T30] audit: type=1800 audit(4294967390.021:25): pid=17341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5450" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 400.365549][T17450] kafs: addr_prefs: Too many elements in string [ 401.142711][T17482] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706]. [ 407.638287][T17734] [ 407.935615][T17746] Format for deleting device is "id" (uint). [ 408.330981][T17765] nvme_fcloop: unknown parameter or missing value '^/]' [ 411.763020][T17907] vmstat_refresh: nr_hugetlb -2048 [ 413.666813][T17979] [ 413.669226][T17979] ====================================================== [ 413.676281][T17979] WARNING: possible circular locking dependency detected [ 413.683345][T17979] 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 Tainted: G U I [ 413.692064][T17979] ------------------------------------------------------ [ 413.699125][T17979] syz.3.5736/17979 is trying to acquire lock: [ 413.705227][T17979] ffff888025fdacd8 (&q->elevator_lock){+.+.}-{4:4}, at: elv_iosched_store+0x201/0x5f0 [ 413.714912][T17979] [ 413.714912][T17979] but task is already holding lock: [ 413.722319][T17979] ffff888025fda7a8 (&q->q_usage_counter(io)#55){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 413.733692][T17979] [ 413.733692][T17979] which lock already depends on the new lock. [ 413.733692][T17979] [ 413.744149][T17979] [ 413.744149][T17979] the existing dependency chain (in reverse order) is: [ 413.753203][T17979] [ 413.753203][T17979] -> #2 (&q->q_usage_counter(io)#55){++++}-{0:0}: [ 413.761891][T17979] blk_alloc_queue+0x619/0x760 [ 413.767258][T17979] blk_mq_alloc_queue+0x179/0x290 [ 413.772875][T17979] __blk_mq_alloc_disk+0x29/0x120 [ 413.778494][T17979] nbd_dev_add+0x49d/0xbb0 [ 413.783489][T17979] nbd_init+0x181/0x320 [ 413.788238][T17979] do_one_initcall+0x120/0x6e0 [ 413.793590][T17979] kernel_init_freeable+0x5c2/0x900 [ 413.799383][T17979] kernel_init+0x1c/0x2b0 [ 413.804285][T17979] ret_from_fork+0x48/0x80 [ 413.809273][T17979] ret_from_fork_asm+0x1a/0x30 [ 413.814632][T17979] [ 413.814632][T17979] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 413.821923][T17979] fs_reclaim_acquire+0x102/0x150 [ 413.827551][T17979] kmem_cache_alloc_noprof+0x53/0x3b0 [ 413.833500][T17979] __kernfs_new_node+0xd2/0x8a0 [ 413.838900][T17979] kernfs_new_node+0x13c/0x1e0 [ 413.844216][T17979] kernfs_create_dir_ns+0x4c/0x1a0 [ 413.849879][T17979] sysfs_create_dir_ns+0x13a/0x2b0 [ 413.855646][T17979] kobject_add_internal+0x2c4/0x9b0 [ 413.861399][T17979] kobject_add+0x16e/0x240 [ 413.866357][T17979] elv_register_queue+0xd3/0x2a0 [ 413.871846][T17979] blk_register_queue+0x3c4/0x560 [ 413.877412][T17979] add_disk_fwnode+0x911/0x13a0 [ 413.882817][T17979] nbd_dev_add+0x78e/0xbb0 [ 413.887776][T17979] nbd_init+0x181/0x320 [ 413.892483][T17979] do_one_initcall+0x120/0x6e0 [ 413.897801][T17979] kernel_init_freeable+0x5c2/0x900 [ 413.903560][T17979] kernel_init+0x1c/0x2b0 [ 413.908436][T17979] ret_from_fork+0x48/0x80 [ 413.913394][T17979] ret_from_fork_asm+0x1a/0x30 [ 413.918718][T17979] [ 413.918718][T17979] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 413.926571][T17979] __lock_acquire+0x1173/0x1ba0 [ 413.931991][T17979] lock_acquire+0x179/0x350 [ 413.937044][T17979] __mutex_lock+0x199/0xb90 [ 413.942108][T17979] elv_iosched_store+0x201/0x5f0 [ 413.947601][T17979] queue_attr_store+0x273/0x310 [ 413.952995][T17979] sysfs_kf_write+0xef/0x150 [ 413.958143][T17979] kernfs_fop_write_iter+0x351/0x510 [ 413.963993][T17979] iter_file_splice_write+0x91f/0x1150 [ 413.970014][T17979] direct_splice_actor+0x18f/0x6c0 [ 413.975699][T17979] splice_direct_to_actor+0x342/0xa30 [ 413.981628][T17979] do_splice_direct+0x174/0x240 [ 413.987039][T17979] do_sendfile+0xafd/0xe50 [ 413.991996][T17979] __x64_sys_sendfile64+0x1d8/0x220 [ 413.997746][T17979] do_syscall_64+0xcd/0x230 [ 414.002806][T17979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.009247][T17979] [ 414.009247][T17979] other info that might help us debug this: [ 414.009247][T17979] [ 414.019483][T17979] Chain exists of: [ 414.019483][T17979] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#55 [ 414.019483][T17979] [ 414.033267][T17979] Possible unsafe locking scenario: [ 414.033267][T17979] [ 414.040729][T17979] CPU0 CPU1 [ 414.046105][T17979] ---- ---- [ 414.051482][T17979] lock(&q->q_usage_counter(io)#55); [ 414.056901][T17979] lock(fs_reclaim); [ 414.063443][T17979] lock(&q->q_usage_counter(io)#55); [ 414.071379][T17979] lock(&q->elevator_lock); [ 414.075993][T17979] [ 414.075993][T17979] *** DEADLOCK *** [ 414.075993][T17979] [ 414.084229][T17979] 5 locks held by syz.3.5736/17979: [ 414.089438][T17979] #0: ffff88802dad2420 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x342/0xa30 [ 414.099522][T17979] #1: ffff888034aa7c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 414.109333][T17979] #2: ffff888143b2cf08 (kn->active#66){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 414.119436][T17979] #3: ffff888025fda7a8 (&q->q_usage_counter(io)#55){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 414.131172][T17979] #4: ffff888025fda7e0 (&q->q_usage_counter(queue)#7){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 414.143068][T17979] [ 414.143068][T17979] stack backtrace: [ 414.148987][T17979] CPU: 1 UID: 0 PID: 17979 Comm: syz.3.5736 Tainted: G U I 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) [ 414.149044][T17979] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 414.149058][T17979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 414.149082][T17979] Call Trace: [ 414.149093][T17979] [ 414.149107][T17979] dump_stack_lvl+0x116/0x1f0 [ 414.149149][T17979] print_circular_bug+0x275/0x350 [ 414.149185][T17979] check_noncircular+0x14c/0x170 [ 414.149223][T17979] __lock_acquire+0x1173/0x1ba0 [ 414.149265][T17979] lock_acquire+0x179/0x350 [ 414.149299][T17979] ? elv_iosched_store+0x201/0x5f0 [ 414.149337][T17979] ? __pfx___might_resched+0x10/0x10 [ 414.149367][T17979] ? do_raw_spin_lock+0x12c/0x2b0 [ 414.149410][T17979] __mutex_lock+0x199/0xb90 [ 414.149452][T17979] ? elv_iosched_store+0x201/0x5f0 [ 414.149488][T17979] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 414.149525][T17979] ? elv_iosched_store+0x201/0x5f0 [ 414.149559][T17979] ? lockdep_hardirqs_on+0x7c/0x110 [ 414.149598][T17979] ? __pfx___mutex_lock+0x10/0x10 [ 414.149643][T17979] ? __pfx_autoremove_wake_function+0x10/0x10 [ 414.149685][T17979] ? elv_iosched_store+0x201/0x5f0 [ 414.149720][T17979] elv_iosched_store+0x201/0x5f0 [ 414.149755][T17979] ? __x64_sys_sendfile64+0x1d8/0x220 [ 414.149788][T17979] ? __pfx_elv_iosched_store+0x10/0x10 [ 414.149826][T17979] ? __mutex_trylock_common+0xe9/0x250 [ 414.149863][T17979] ? __pfx_elv_iosched_store+0x10/0x10 [ 414.149899][T17979] queue_attr_store+0x273/0x310 [ 414.149924][T17979] ? __pfx_queue_attr_store+0x10/0x10 [ 414.149958][T17979] ? find_held_lock+0x2b/0x80 [ 414.149983][T17979] ? sysfs_file_kobj+0xe4/0x290 [ 414.150023][T17979] ? __pfx_queue_attr_store+0x10/0x10 [ 414.150048][T17979] sysfs_kf_write+0xef/0x150 [ 414.150087][T17979] kernfs_fop_write_iter+0x351/0x510 [ 414.150122][T17979] ? __pfx_sysfs_kf_write+0x10/0x10 [ 414.150162][T17979] iter_file_splice_write+0x91f/0x1150 [ 414.150215][T17979] ? __pfx_iter_file_splice_write+0x10/0x10 [ 414.150262][T17979] ? __pfx_copy_splice_read+0x10/0x10 [ 414.150309][T17979] ? __pfx_iter_file_splice_write+0x10/0x10 [ 414.150353][T17979] direct_splice_actor+0x18f/0x6c0 [ 414.150396][T17979] splice_direct_to_actor+0x342/0xa30 [ 414.150440][T17979] ? __pfx_direct_splice_actor+0x10/0x10 [ 414.150485][T17979] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 414.150530][T17979] do_splice_direct+0x174/0x240 [ 414.150571][T17979] ? __pfx_do_splice_direct+0x10/0x10 [ 414.150611][T17979] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 414.150654][T17979] ? rw_verify_area+0xcf/0x680 [ 414.150702][T17979] do_sendfile+0xafd/0xe50 [ 414.150728][T17979] ? __pfx_do_sendfile+0x10/0x10 [ 414.150754][T17979] ? __x64_sys_futex+0x1e0/0x4c0 [ 414.150783][T17979] ? __x64_sys_futex+0x1e9/0x4c0 [ 414.150814][T17979] __x64_sys_sendfile64+0x1d8/0x220 [ 414.150847][T17979] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 414.150879][T17979] ? rcu_is_watching+0x12/0xc0 [ 414.150908][T17979] do_syscall_64+0xcd/0x230 [ 414.150950][T17979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.150978][T17979] RIP: 0033:0x7ff4b0b8e969 [ 414.150999][T17979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 414.151025][T17979] RSP: 002b:00007ff4b19d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 414.151049][T17979] RAX: ffffffffffffffda RBX: 00007ff4b0db5fa0 RCX: 00007ff4b0b8e969 [ 414.151066][T17979] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 414.151081][T17979] RBP: 00007ff4b0c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 414.151097][T17979] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 414.151113][T17979] R13: 0000000000000000 R14: 00007ff4b0db5fa0 R15: 00007ffddeda6cd8 [ 414.151137][T17979]